Monday 30 December 2013

Vulnerability Management Training & Certification Free

Qualys Vulnerability Management training and certification is free.

Follow the link:
https://gm1.geolearning.com/geonext/qualys/login.geo

OS FINGERPRINTING (Get OS Version of Remote PC)

OS Fingerprinting Tools

Requirements
1. ICMP (ping) must be allowed from source to destination
2. At least one port must be open on the destination

Optional: Firewall may be active or not

## NMAP to get remote OS version
nmap -O 192.168.1.x

nmap -O -Pn 192.168.1.x

## For a PC with an active firewall, use the command below
## (if any one port is open, it will show the OS version)

nmap -O -Pn -F -sT 192.168.1.x


NOTE: ICMP must be allowed from source to destination

## XPROBE2 to get remote OS version
xprobe2 192.168.1.x


## PING to guess remote OS version
ping 192.168.0.x

It will return a TTL value; match it against the table below to guess the remote OS.

Operating System (OS)               IP Initial TTL   TCP window size
Linux (kernel 2.4 and 2.6)          64               5840
Google's customized Linux           64               5720
FreeBSD                             64               65535
Windows XP                          128              65535
Windows 7, Vista and Server 2008    128              8192
Cisco Router (IOS 12.4)             255              4128
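The table lookup above as a short script. This is an added example, not part of the original post: it goes one step beyond the text by rounding the observed TTL up to the nearest initial TTL, because each router hop decrements the value. The sample ping lines are constructed, and the function names are illustrative.

```python
import re

# (OS, initial IP TTL, TCP window size) rows copied from the table above.
SIGNATURES = [
    ("Linux (kernel 2.4 and 2.6)", 64, 5840),
    ("Google's customized Linux", 64, 5720),
    ("FreeBSD", 64, 65535),
    ("Windows XP", 128, 65535),
    ("Windows 7, Vista and Server 2008", 128, 8192),
    ("Cisco Router (IOS 12.4)", 255, 4128),
]

# Matches "ttl=57" (Linux ping) as well as "TTL=128" (Windows ping).
TTL_RE = re.compile(r"\bttl=(\d+)", re.IGNORECASE)


def observed_ttl(ping_output):
    """Return the TTL of the first echo reply in the text, or None."""
    match = TTL_RE.search(ping_output)
    return int(match.group(1)) if match else None


def initial_ttl(ttl):
    """Round an observed TTL up to the nearest initial TTL in the table."""
    for start in sorted({row[1] for row in SIGNATURES}):
        if ttl <= start:
            return start
    return None  # larger than any initial TTL in the table


def guess_os(ping_output, tcp_window=None):
    """Return the observed TTL, estimated hop count and candidate OS names.

    tcp_window is optional and has to come from a packet capture of the
    host's TCP handshake; ping output does not contain it.
    """
    ttl = observed_ttl(ping_output)
    start = initial_ttl(ttl) if ttl is not None else None
    if start is None:
        return {"ttl": ttl, "initial_ttl": None, "hops": None, "candidates": []}
    candidates = [name for name, row_ttl, window in SIGNATURES
                  if row_ttl == start and tcp_window in (None, window)]
    return {"ttl": ttl, "initial_ttl": start,
            "hops": start - ttl, "candidates": candidates}


# Constructed sample replies (not captured from real hosts).
LINUX_STYLE = "64 bytes from 192.168.0.10: icmp_seq=1 ttl=57 time=1.20 ms"
WINDOWS_STYLE = "Reply from 192.168.0.20: bytes=32 time<1ms TTL=128"
TIMEOUT = "Request timed out."

if __name__ == "__main__":
    for sample in (LINUX_STYLE, WINDOWS_STYLE, TIMEOUT):
        print(guess_os(sample))
```

TTL alone only narrows the answer to a family of systems, and the initial TTL is a tunable setting on most operating systems, so treat the result as a hint to confirm with the nmap commands above.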

NOTE: The tools below are not tested
## Windows commands to get the OS version of a remote PC
WMIC /NODE:hostname OS

WMIC /NODE:hostname OS > C:\OS.txt

systeminfo /s IP.ADDRESS /u UserOnRemotePc

systeminfo /s 172.16.23.108 /u Student

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2 -ComputerName <ipaddr_or_hostname> | Format-List -Property *

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2 -ComputerName <ipaddr_or_hostname> | Format-List -Property Name, OSArchitecture, SerialNumber 

Thursday 26 December 2013

HOW TO INSTALL LXDE DESKTOP ON LINUX MINT

INSTALL LXDE ON LINUX MINT 13

## add ppa for lxde desktop environment
add-apt-repository ppa:lxde/ppa

## update the repositories
apt-get update

## install lxde desktop
apt-get install lxde


APC UPS AUTO MAIL ALERTS

Open a browser and enter the UPS IP address: 192.168.3.9

Log in with admin/admin

Set the general information of the UPS in Administration → General → Identification.

Put the DNS IP in the Administration → Network → DNS → Servers section.

Put the hostname and domain name in the Administration → Network → DNS → Naming section.

Change the IP in Administration → Network → TCP/IP → Next.

Push the Next button and change the IP below.

Go to Administration → Notification → Email → Server, then enter the SMTP server and the email ID used to send alerts from the UPS.

Put the recipients' mail IDs in the Administration → Notification → Email → Recipients section.

NOTE: To test the settings, go to Administration → Notification → E-mail → Test.

Friday 20 December 2013

NESSUS OFFLINE PLUGIN UPDATE

HOW TO UPDATE NESSUS PLUGINS OFFLINE IN WINDOWS 7

## Download offline plugins
https://plugins.nessus.org/offline.php

## Run the following command to get a challenge key
C:\Program Files\Tenable\Nessus>nessus-fetch --challenge

Enter the challenge key and the activation key; it will give a URL to download the latest plugins.

## Copy the offline plugins (all-2.0.tar.gz) to the path below
c:\program files\tenable\nessus

## Open Command Prompt with admin permissions

## Move to the path below, or to wherever you have installed Nessus

c:\program files\tenable\nessus

c:\program files\tenable\nessus> nessus-update-plugins.exe all-2.0.tar.gz

## If that does not work, use the command below

c:\program files\tenable\nessus>nessusd.exe all-2.0.tar.gz

VMWARE CLOUD

VMWARE vCLOUD
SaaS
Software as a Service (Email and Web Based Applications)

PaaS
Platform as a Service (Web hosting, Blog sites, Java Engines)

IaaS
Infrastructure as a Service (Windows, Linux, Mac OS)
            IaaS Relatives
            DaaS
            Desktop as a Service
           
            DRaaS
            Disaster Recovery as a Service

vCLOUD DEPLOYMENT MODELS
Private
Local site data center

Community
Data center for a group of companies having common usage

Hybrid
Private and public as a single resource using (vCloud Connector)

Public
Public/internet data center

vCloud Challenges 
Elasticity
Efficiency
Availability
Management

Solution to the vCloud Challenges
vSphere
vCloud Director
vCloud Connector
vCloud Network and Security (vCNS)
vCloud Automation Center
vCenter Site Recovery Manager
vCenter Operations Manager
vFabric Suite
vCenter Chargeback
vFabric Hyperic

Components of VMware vCloud
  1. vCloud Director
  2. vCloud Automation Center
  3. vSphere
  4. vCloud Networking and Security
  5. vCenter Operations Manager
  6. vCenter Chargeback
  7. vFabric Hyperic
  8. vFabric Suite
  9. vCloud Connector
  10. vCenter Site Recovery Manager
1. vCloud Director
vCloud Director orchestrates the provisioning of software-defined data center services as complete virtual data centers that are ready in minutes.

It serves as a central command for your cloud operations
Multi-Tenancy Support
Virtual Data Centers
Resource Pools and Controls
Storage and Networking Support
Linked Clones
Snapshots
Self Service Portal
Service Catalog
vCloud API Stack

Multi-tenancy
Supports multi-tenant (user) access, with each tenant owning an isolated part of the same cloud

Virtual Data Centers (vDC)
vApps treat customers as organizations

Class of services
Hardware choice
Cost choice

Resource Pools and Controls
To control organizations' access to their acquired virtual data centers

It only controls CPU and memory

Storage and Networking Support
To control storage and networking for customers.

Clones
A clone is a copy of an existing virtual machine. The existing virtual machine is called the parent of the clone.

Full Clone
A full clone is an independent copy of a virtual machine that shares nothing with the parent virtual machine after the cloning operation.

Linked Clones
A linked clone is a copy of a virtual machine that shares virtual disks with the parent virtual machine in an ongoing manner.

Snapshots
Snapshots capture the running state of a VM so that it can be rolled back if something goes wrong after patching. A snapshot is not a replacement for a backup.

Self Service portal
A web portal to access and manage vApps, vDCs and Organizations

Service Catalog
Menus called service catalogs in vCloud Director

vCloud API Stack
Programmatic access to resources

2. vCloud Automation Center
Policy based provisioning and life cycle management tool for workloads in heterogeneous environment

What Automation Center does for clouds
Self-service portal for end-user requests
Policy-based provisioning and governance
Lifecycle management for workloads
Automation of workflows and tasks
Intelligent Resource Governor

3. vSphere
VMware vSphere is VMware's cloud computing virtualization operating system. It is known in many circles as "ESXi".

4. vCloud Networking and Security
Provides virtual networking (virtual switches) and security

5. vCenter Operations Manager
It provides comprehensive visibility and insights into the performance, capacity and health of your infrastructure.
Performance
Capacity
Configuration
Monitoring
Compliance
Cost

Super metrics
  • Health describes the current behavior of the environment and any problems that need to be addressed immediately. Health is composed of workload, anomalies and faults. Workload is a measure of how hard the VM is working relative to the resources it wants and what it is entitled to use. Anomalies is an expression of the number of metrics trending above or below normal, which is a leading indicator of upcoming performance problems, and faults is the number of “hard” thresholds that have been crossed when there is an availability issue or a hardware failure has occurred.
  • Risk describes the potential for future problems. Risk combines scores for time and capacity remaining before resources are exhausted. Risk also includes a new metric for stress which shows patterns of chronic strain. For example, during certain times of the week, there is more demand for resources in one cluster while other clusters are at or below capacity. You can use this information to optimize VM placement or to pre-allocate resources ahead of time.
  • Efficiency is a new super metric to describe optimal utilization of resources. Efficiency includes scores of reclaimable waste, such as idle, over- and under-provisioned VMs, and VM density.  VM density shows current consolidation ratio vs maximum possible ratio without performance degradation.

6. vCenter Chargeback
Chargeback provides visibility into virtual machine costs and lets you create customized cost models and metrics to suit your organization's needs.

7. vFabric Hyperic (vCenter Hyperic)
Provides deep application monitoring. Using auto-discovery, Hyperic continuously updates the inventory of hardware, software and services in the infrastructure.

It monitors operating systems, middleware and applications running in physical, virtual and cloud environment 

Support multiple OS
Support 85+ existing application technologies
Custom plugins for other applications via APIs
Per-application remediation
Reduce down time
SLAs
Root cause determination

8. vFabric Suite
Application development and deployment tools for a virtual or cloud PaaS environment

9. vCloud Connector
A single interface for overseeing multiple public and private clouds, allowing you to move workloads, including VMs, vApps and templates, between private and public clouds.
• Copying a vApp from vSphere to a vCloud
• Copying a vApp from a private vCloud to a public vCloud
• Copying a vApp from a vCenter to another vCenter.
• Even in environments not running vCloud Director, vCloud Director can still be used to copy and move vApps.
• As long as both vCenter Servers are added as clouds in vCloud Director, you can freely move workloads between them

10. vCenter Site Recovery Manager
vCenter SRM is a disaster recovery offering that provides automated orchestration and nondisruptive testing for virtualized applications

Automate failover of VMs
Non-disruptive testing

VMware View Pod
A VMware View pod integrates five 2,000-user building blocks into a View Manager installation that you can manage as one entity.

A pod is a unit of organization determined by VMware View scalability limits.

Pod Diagram for 10,000 View Desktops shows how all the components can be integrated into one manageable entity.


  
The network core load balances incoming requests across View Connection Server instances. Support for a redundancy and failover mechanism, usually at the network level, prevents the load balancer from becoming a single point of failure. For example, the Virtual Router Redundancy Protocol (VRRP) communicates with the load balancer to add redundancy and failover capability.

If a View Connection Server instance fails or becomes unresponsive during an active session, users do not lose data. Desktop states are preserved in the virtual machine desktop so that users can connect to a different View Connection Server instance and their desktop session resumes from where it was when the failure occurred.

vCloud Networking and Security
VMware vCloud® Networking and Security™ provides basic networking and security functionality for virtualized compute environments, built using the VMware vCloud® Suite.

It provides a broad range of services delivered through virtual appliances, such as a virtual firewall, virtual private network (VPN), load balancing, NAT, DHCP and VXLAN-extended networks. With vCloud Networking and Security, enterprises can virtualize business critical applications with confidence, secure VMware® Horizon View™ deployments and build secure and agile vCloud Suite based private clouds.

vCloud Networking and Security virtual-appliance 
The Edge Gateway appliance establishes a perimeter gateway for network traffic to enter and leave a virtual data center. It provides a wide range of services, including a highly available stateful inspection firewall, IPsec site-to-site VPN, a server-load balancer, NAT, and network services such as static routing, DHCP and domain name system (DNS). 

A second type of virtual appliance, App Firewall, provides protection directly in front of one or more specific workloads (e.g., virtual machines).

Firewall
Stateful inspection firewall that can be applied either at the perimeter of the virtual data center or at the virtual network interface card (vNIC) level directly in front of specific workloads.

VPN
Industry-standard IPsec and SSL VPN capabilities that securely extend the virtual data center. Site-to-site VPN support links virtual data centers and enables hybrid cloud computing at low cost.

Load balancer
A virtual-appliance–based load balancer to scale application delivery without the need for dedicated hardware. Placed at the edge of the virtual data center, the load balancer supports Web-, SSL- and TCP-based scale-out for high-volume applications.

NAT
vCloud Networking and Security Edge incorporates a flexible NAT engine that can map network and port addresses using a familiar configuration model. Administrators can deploy protected zones, also known as “demilitarized zones” (DMZs), without needing to manually change addresses for servers and applications. Application-layer gateways for common protocols enable applications to function in NAT environments.

Virtual extensible LAN (VXLAN)
VXLAN is a network encapsulation mechanism that enables virtual machines to be deployed on any physical host, regardless of the host’s network configuration. It solves the problems of mobility and scalability in two ways:

It uses MAC in UDP encapsulation, which allows the virtual machine to communicate using an overlay network that spans across multiple physical networks. It decouples the virtual machine from the underlying network thereby allowing the virtual machine to move across the network without reconfiguring the network.

VXLAN uses a 24-bit identifier, which means that a single network can support up to 16 million LAN segments. This number is much higher than the 4,094 limit imposed by the IEEE 802.1Q VLAN specification.
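The two points above (MAC-in-UDP encapsulation and the 24-bit identifier) shown on the wire format. This is an added example, not part of the original notes: the 8-byte header layout and UDP port 4789 come from RFC 7348, the inner frame is constructed sample data, and the function names are illustrative.

```python
import struct

VXLAN_UDP_PORT = 4789           # destination UDP port assigned for VXLAN (RFC 7348)
VNI_BITS = 24
MAX_SEGMENTS = 2 ** VNI_BITS    # 16,777,216 segment identifiers
VLAN_LIMIT = 4094               # usable IEEE 802.1Q VLAN IDs, for comparison
FLAG_VNI_VALID = 0x08           # "I" flag: the VNI field carries a valid ID
HEADER_LEN = 8
ETHERNET_HEADER_LEN = 14


def encapsulate(vni, inner_frame):
    """Prefix a complete Ethernet frame with a VXLAN header (the UDP payload)."""
    if not 0 <= vni < MAX_SEGMENTS:
        raise ValueError("VNI does not fit in 24 bits")
    # Word 1: flags (8 bits) + reserved (24). Word 2: VNI (24) + reserved (8).
    header = struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def format_mac(raw):
    return ":".join(f"{byte:02x}" for byte in raw)


def decapsulate(udp_payload):
    """Parse a VXLAN UDP payload into its VNI and the inner Ethernet header."""
    if len(udp_payload) < HEADER_LEN + ETHERNET_HEADER_LEN:
        raise ValueError("payload too short for VXLAN plus Ethernet headers")
    word1, word2 = struct.unpack("!II", udp_payload[:HEADER_LEN])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    inner = udp_payload[HEADER_LEN:]
    dst, src, ethertype = struct.unpack("!6s6sH", inner[:ETHERNET_HEADER_LEN])
    return {
        "vni": word2 >> 8,          # drop the trailing reserved byte
        "dst_mac": format_mac(dst),
        "src_mac": format_mac(src),
        "ethertype": ethertype,
        "inner_frame": inner,
    }


# Constructed inner frame: dst MAC, src MAC, EtherType 0x0800 (IPv4), dummy payload.
SAMPLE_FRAME = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
                + struct.pack("!H", 0x0800) + b"demo-payload")

if __name__ == "__main__":
    packet = encapsulate(5000, SAMPLE_FRAME)
    print(packet[:HEADER_LEN].hex())   # VXLAN header bytes
    print(decapsulate(packet))
    print(MAX_SEGMENTS, "VXLAN segments vs", VLAN_LIMIT, "VLANs")
```

The virtual machine's own MAC addresses survive unchanged inside the UDP payload, which is why it can move between hosts on different physical networks without readdressing.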

Provider vDC
A Provider vDC is a collection of compute, memory, and storage resources from one vCenter. A Provider vDC provides resources to organization vDCs.

A Provider vDC is represented as a VMWProviderVdc element in the extension view and a ProviderVdc element in the admin view. A system administrator can create a VMWProviderVdc or modify it to add or remove datastores, storage profiles, and resource pools, or change other properties such as its description. A system administrator cannot change the primary resource pool or vCenter server that was specified when the Provider vDC was created.

Prerequisites
Verify that you are logged in to the vCloud API as a system administrator
Choose a vCenter server to supply a resource pool and storage profiles to this Provider vDC

Organization vDC
An organization vDC allocates resources to an organization. An organization vDC is partitioned from a provider vDC. A single organization can have multiple organization vDCs.

Prerequisites
You must have a provider vDC before you can allocate resources to an organization.

VMware vCloud Hybrid Service
VMware vCloud Hybrid Service is available in two service options, giving you the flexibility and scalability you need to meet your organization’s requirements.

A dedicated cloud provides you with a physically isolated infrastructure, giving you your own private cloud instance and the most control over your resources.

A virtual private cloud provides you with logically isolated infrastructure, with fully private networking and resource pools.



vShield
VMware vShield is a suite of security virtual appliances built for VMware vCenter Server integration. vShield is a critical security component for protecting virtualized datacenters from attacks and misuse, helping you achieve your compliance-mandated goals.

vShield includes virtual appliances and services essential for protecting virtual machines. vShield can be configured through a web-based user interface, a vSphere Client plug-in, a command line interface (CLI), and REST API.

vCenter Server includes vShield Manager. The following vShield packages each require a license:
• vShield Manager
• vShield App
• vShield Edge
• vShield Endpoint
• vShield Data Security

One vShield Manager manages multiple vShield App, vShield Edge, vShield Endpoint, and vShield Data Security instances.

vShield Manager
The vShield Manager is the centralized network management component of vShield, and is installed as a virtual appliance on any ESX™ host in your vCenter Server environment. A vShield Manager can run on a different ESX host from your vShield agents.

Using the vShield Manager user interface or vSphere Client plug-in, administrators install, configure, and maintain vShield components. The vShield Manager user interface leverages the VMware Infrastructure SDK to display a copy of the vSphere Client inventory panel, and includes the Hosts & Clusters and Networks views.

Failure Impact
Infrastructure availability yes, service availability no. vShield Edge devices will continue to run without the management control, but no additional Edge appliances can be added and existing ones cannot be modified until the service comes back online.

vShield App
vShield App is a hypervisor-based firewall that protects applications in the virtual datacenter from network-based attacks. Organizations gain visibility and control over network communications between virtual machines. You can create access control policies based on logical constructs such as VMware vCenter containers and vShield security groups, not just physical constructs such as IP addresses. In addition, flexible IP addressing offers the ability to use the same IP address in multiple tenant zones to simplify provisioning.

The Flow Monitoring feature displays network activity between virtual machines at the application protocol level. You can use this information to audit network traffic, define and refine firewall policies, and identify botnets.

vShield Edge
vShield Edge appliances are self-contained environments that are stateless in nature. There is a “health check” API call you can make to a vShield Edge appliance to determine if it is functioning correctly. If the API returns negative, then you should initiate a reboot of the vShield Edge device. At the time of reboot, configuration information will be updated from the vShield Manager and the vShield Edge device will continue to function properly.


vShield Endpoint
vShield Endpoint offloads antivirus and anti-malware agent processing to a dedicated secure virtual appliance delivered by VMware partners. Since the secure virtual appliance (unlike a guest virtual machine) doesn't go offline, it can continuously update antivirus signatures thereby giving uninterrupted protection to the virtual machines on the host. Also, new virtual machines (or existing virtual machines that went offline) are immediately protected with the most current antivirus signatures when they come online.

vShield Endpoint installs as a hypervisor module and security virtual appliance from a third-party antivirus vendor (VMware partners) on an ESX host. The hypervisor scans guest virtual machines from the outside, removing the need for agents in every virtual machine. This makes vShield Endpoint efficient in avoiding resource bottlenecks while optimizing memory use.

vShield Data Security
vShield Data Security provides visibility into sensitive data stored within your organization's virtualized and cloud environments. Based on the violations reported by vShield Data Security, you can ensure that sensitive data is adequately protected and assess compliance with regulations around the world.

vShield Zones
Verify that you are logged in to the vCloud API as a system administrator.

VMware vShield Zones is a security virtual appliance that provides visibility and enforcement of network activity within a VMware vSphere™ deployment to comply with corporate security policies and industry regulations such as PCI or Sarbanes-Oxley.

Central Management of Logical Zone Boundaries and Segmentation
• Leverage existing virtual infrastructure containers (hosts, virtual switches, VLANs) as logical trust or organizational zones
• Define policies to bridge, firewall, or isolate network traffic between zone boundaries
• Manage and deploy policies across entire VMware vCenter Server deployment
• Integrate with VMware vCenter Server and automatically deploy on existing virtual networks
• Scan and discover existing applications running on virtual machines to identify application protocols

Network Enforcement and Flow Monitoring
• Classify traffic by network or application protocol (e.g. HTTP, RDP, and SNMP)
• Performantly filter traffic with stateful packet inspection (SPI)
• Track dynamic port connections for protocols such as FTP
• Track network connections across VMware VMotion migration events.
• Easily convert observed network flows into precise network enforcement rules.
• Monitor both allowed and disallowed activity

Management and Reporting
• Access the Web-based vShield Manager interface remotely from any Web browser
• Configure administrators to be common with VMware vCenter Server or distinct for separation of duties and roles
• View activity hierarchically at individual virtual machine or aggregate levels and generate graphical or tabular reports
• Retain log data for archival and compliance purposes
• Export events and data using syslog format

vCloud Organizations
A vCloud contains one or more organizations. Each organization represents a collection of end consumers, groups, and computing resources.

Users authenticate at the organization level, using credentials established by an organization administrator locally within vCloud Director or LDAP.

Administrative Organization
A vCloud requires at least one organization. As a best practice, the first organization to be created should be an administrative organization.

Administrative organization will own a master catalog of vApp templates that are published and shared with all other (standard) organizations.

Make sure that when you create the administrative organization you set it up to allow publishing of catalogs.

Standard Organizations
Create an organization for each tenant of the vCloud as necessary. Each of the standard organizations should be created with the following considerations:
• Cannot publish global catalogs
• Use system defaults for SMTP
• Use system defaults for notification settings
• Use leases, quotas, and limits meeting the provider’s requirements